public void UserManagementLogic_ImportMerge_EntityWithEmptySamAccountName_ThrowsInsufficientDataException()
{
ClaimsPrincipal user = new ClaimsPrincipal();
ImportUsersActiveDirectoryMetadataModel entity = new ImportUsersActiveDirectoryMetadataModel()
{
MergeWith = Guid.NewGuid(),
Merge = true,
Users = new System.Collections.Generic.List <ActiveDirectoryMetadataAuthPrincipalQueryResultModel>()
{
new ActiveDirectoryMetadataAuthPrincipalQueryResultModel()
{
SamAccountName = string.Empty,
UserPrincipalName = "TestUpn"
}
}
};
Mock <IConfigurationRepository> configurationRepository = new Mock <IConfigurationRepository>();
configurationRepository.Setup(x => x.Exists <AuthenticablePrincipal>(It.IsAny <Expression <Func <AuthenticablePrincipal, bool> > >())).Returns(false);
configurationRepository.Setup(x => x.Get <AuthenticablePrincipal>(It.IsAny <Guid>())).Returns(new AuthenticablePrincipal());
configurationRepository.Setup(x => x.Exists <ActiveDirectoryMetadata>(It.IsAny <Guid>())).Returns(true);
UserManagementLogic userManagementLogic = new UserManagementLogic(configurationRepository.Object, new AuthorizeInitialSetup(configurationRepository.Object));
userManagementLogic.ImportUser(entity, user);
}
public JsonResult ImportUsers(ImportUsersActiveDirectoryMetadataModel entity)
{
try
{
userManagement.ImportUser(entity, User);
return(http.RespondSuccess());
}
catch (Exception e)
{
return(http.RespondServerError(e.Message));
}
}
public void UserManagementLogic_ImportUser_Unauthorized_ThrowsUnauthorizedAccessException()
{
ClaimsPrincipal user = new ClaimsPrincipal();
ImportUsersActiveDirectoryMetadataModel entity = GetImportUsersActiveDirectoryMetadataModelValid();
Mock <IAuthorizationLogic> authorizationLogic = new Mock <IAuthorizationLogic>();
authorizationLogic.Setup(x => x.IsAuthorizedThrowsException(AuthorizationScopes.ManageUsers, user, It.IsAny <ILoggableEntity>(), It.IsAny <EventCategory>())).Throws(new UnauthorizedAccessException());
Mock <IConfigurationRepository> configurationRepository = new Mock <IConfigurationRepository>();
UserManagementLogic userManagementLogic = new UserManagementLogic(configurationRepository.Object, authorizationLogic.Object);
userManagementLogic.ImportUser(entity, user);
}
private void ImportMerge(ImportUsersActiveDirectoryMetadataModel entity)
{
if (entity.MergeWith == null)
{
throw new MergeRequiresMergeTargetException("merge operation requires a valid userid to merge with");
}
if (!this.UserExists(entity.MergeWith.Value))
{
throw new MergeRequiresMergeTargetException("merge operation requires a valid userid to merge with");
}
AuthenticablePrincipal existingUser = configurationRepository.Get <AuthenticablePrincipal>(entity.MergeWith.Value);
foreach (var user in entity.Users)
{
if (!configurationRepository.Exists <ActiveDirectoryMetadata>(user.DomainId))
{
throw new ReferencedObjectDoesNotExistException("The authentication realm specified by the importing user does not exist");
}
if (existingUser.AlternativeNames == null)
{
existingUser.AlternativeNames = new List <string>();
}
if (string.IsNullOrWhiteSpace(user.SamAccountName) || string.IsNullOrWhiteSpace(user.UserPrincipalName))
{
throw new InsufficientDataException("UserPrincipalName or SamAccountName must be specified to import a user");
}
if (!string.IsNullOrWhiteSpace(user.SamAccountName))
{
existingUser.AlternativeNames.Add(user.SamAccountName);
}
if (!string.IsNullOrWhiteSpace(user.UserPrincipalName))
{
existingUser.AlternativeNames.Add(user.UserPrincipalName);
}
}
configurationRepository.Update <AuthenticablePrincipal>(existingUser);
}
private void ImportWithoutMerge(ImportUsersActiveDirectoryMetadataModel entity)
{
var domains = configurationRepository.GetAll <ActiveDirectoryMetadata>();
foreach (var user in entity.Users)
{
if (!configurationRepository.Exists <ActiveDirectoryMetadata>(user.DomainId))
{
throw new ReferencedObjectDoesNotExistException("The authentication realm specified by the importing user does not exist");
}
configurationRepository.Insert <AuthenticablePrincipal>(new AuthenticablePrincipal()
{
Enabled = true,
Id = Guid.NewGuid(),
Name = user.SamAccountName
});
}
}
public void ImportUser(ImportUsersActiveDirectoryMetadataModel entity, ClaimsPrincipal user)
{
if (entity == null)
{
throw new ArgumentNullException(nameof(entity));
}
authorizationLogic.IsAuthorizedThrowsException(AuthorizationScopes.ManageUsers, user, entity, EventCategory.UserManagementImport);
ValidateImportEntity(entity);
if (entity.Merge)
{
ImportMerge(entity);
}
else
{
ImportWithoutMerge(entity);
}
}
private void ValidateImportEntity(ImportUsersActiveDirectoryMetadataModel entity)
{
foreach (var user in entity.Users)
{
if (!string.IsNullOrWhiteSpace(user.SamAccountName))
{
if (configurationRepository.Exists <AuthenticablePrincipal>(x => x.Name == user.SamAccountName))
{
throw new ReferencedObjectAlreadyExistsException("The user selected to be imported already exists");
}
}
if (!string.IsNullOrWhiteSpace(user.UserPrincipalName))
{
if (configurationRepository.Exists <AuthenticablePrincipal>(x => x.Name == user.UserPrincipalName))
{
throw new ReferencedObjectAlreadyExistsException("The user selected to be imported already exists");
}
}
}
}
